Thursday, February 7, 2013

SSH client predefine your Source Port

Hi

I was actually searching to see how I can set my source port to be of some fixed value while SSHing to a server,  I found the way in this link

http://www.linuxforums.org/forum/security/182001-how-do-i-specify-source-port-ssh-client.html

 These are all that you would be require to do.

# ncat -l 2222 --sh-exec "ncat SSH_SERVER_IP 22 -p 443"


From another terminal you can see that port 2222 is listening on my system locally

# netstat -antulp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      847/cupsd      
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      13219/ncat    

Form another terminal I tried to ssh to my local machine port 2222.

$ ssh bala@localhost -p 2222
bala@localhost's password:
Linux SSH_SERVER_IP 2.6.32-5

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

bala@SSH_SERVER_IP:~$ exit
logout
Connection to localhost closed.
bala@bala-desktop:~$

Before I closed the connection shown above, I did this command from another terminal, which clearly shows that my source port to be 443.

bala@bala-desktop:~$ ss | grep 22
ESTAB      0      0               10.0.2.15:https        SSH_SERVER_IP:22

1 comment:

  1. it's a cool recipe for a network which closed with firewall.
    i have the server with http and ssh port opened. but admin restricts outgoing connections with 80&443.
    So, still my router can do NAT depending on source port I can knock-knock through one port :)
    thanks a lot.

    ReplyDelete